How To Secure Website And Stay Away From Bad Guys
Protect your site
Ensure that any software you use (e.g., blogging software like WordPress, third party scripts, etc.) is kept up to date with the latest security fixes, either by you (if you installed the software) or by your hosting provider.
Remove any scripts, services, or other software that you are no longer using.
Change any default passwords that come with the software you are using.
Use appropriate file permissions on your web server.
Protect your password
You might think that just because your password now looks something likeXWE42GH64223JHTF6533H in one of database files, it means that it can’t be cracked? Wrong. Tools are freely available which will decipher a certain proportion of hashed and similarly encoded passwords.
Use a strong password and change it occasionally, especially if you have reason to think it has been compromised.
Tips for choosing and protecting a strong password can be found at my blog
A Few Defensive Measures :
- Use anti-virus scanner
- AdAware Free anti-malware scanner
- Microsoft Windows Defender, which is a free anti-malware program
- Spybot Search and Destroy, a free anti-malware program
- If you utilize a web content management system, subscribe to the development blog. Update to new versions soon as possible.
- Update all 3rd party modules as a matter of course — any modules incorporating web forms or enabling member file uploads are a potential threat. Module vulnerabilities can offer access to your full database.
- If you have an admin login page for your custom built CMS, why not call it ‘Flowers.php’ or something, instead of “AdminLogin.php” etc.
Certain hacks, particularly SQL injection attacks against vulnerable Joomla! installations, may result in the database being altered with malicious code. Such a modification can allow the hacker back in even if you’ve updated to the latest version and cleaned off all foreign files. For this reason it’s a good idea after a hack to inspect the database in the same way you check your files to see if anything has been changed that should not be. If you know when the hack occurred you may even wish to revert the database back to a prior time then please contact your Hosting support and they can restore the database from backups.
Restoring Lost/Modified files
Please see the ‘Server Rewind’ icon in cPanel to restore lost files in your home directory from last backup.Contact hosting provider for support.
Increased Security By Using CDN & SSL
CloudFlare is a content delivery network (CDN) service. On average, a website using CloudFlare loads 30% faster, uses 60% less bandwidth, has 65% fewer requests and is much more secure. CloudFlare’s network blocks threats and limits abusive bots before they hit your server, increasing security and reducing wasted bandwidth.
Now CloudFlare offers SSL with CDN.You must enable SSL if your site is e commerce or online shop where payments are accepted. You can enable CloudFlare on our shared webhosting accounts via cPanel. You can also opt to sign up directly on CloudFlare’s site if you are using cpanel. https://www.cloudflare.com
Once the PC is free of viruses, it is crucial to change the cPanel, email, FTP and database and all other passwords. Make sure the new passwords are very strong and difficult for people to decipher. Try and use different passwords for each and everything.
Once you’ve repaired the damage done, it is time to make sure it doesn’t happen again. You will have to manage your website properly keeping it safe and secure.
Here are a few tips:
Install a good antivirus software program on your PC. You will need real-time continuous protection as scanning it once a day is not good enough. Malware has the ability to delete itself after causing the damage.
Install all the latest security patches on Windows systems as well as all other internet-related software.
Use strong passwords using upper and lower case letters, numeric as well as punctuations in the password. Do not use the same password for everything.
You must make sure it is safe before downloading anything from the internet; whether it is a script or something else.
You must give your website the same importance you would give the house you live in. Just as you would secure it properly to make sure nobody gets in, you must ensure your website is locked for all bad elements.